diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index b9fdd4d2ceb..8ff29478564 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -25,12 +25,12 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Initialize CodeQL - uses: github/codeql-action/init@379614612a29c9e28f31f39a59013eb8012a51f0 + uses: github/codeql-action/init@47b3d888fe66b639e431abf22ebca059152f1eea with: languages: go - name: Autobuild - uses: github/codeql-action/autobuild@379614612a29c9e28f31f39a59013eb8012a51f0 + uses: github/codeql-action/autobuild@47b3d888fe66b639e431abf22ebca059152f1eea - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@379614612a29c9e28f31f39a59013eb8012a51f0 + uses: github/codeql-action/analyze@47b3d888fe66b639e431abf22ebca059152f1eea diff --git a/.github/workflows/patch-docs.yaml b/.github/workflows/patch-docs.yaml index 8ca3003e916..007ddb27004 100644 --- a/.github/workflows/patch-docs.yaml +++ b/.github/workflows/patch-docs.yaml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit @@ -41,7 +41,7 @@ jobs: run: make patch-version-docs NEWVERSION=v${MAJOR_VERSION}.${MINOR_VERSION}.x TAG=v${TAG} OLDVERSION=v${MAJOR_VERSION}.${MINOR_VERSION}.$((PATCH_VERSION-1)) - name: Create release pull request - uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38 # v5.0.2 + uses: peter-evans/create-pull-request@a4f52f8033a6168103c2538976c07b467e8163bc # v6.0.1 with: commit-message: "chore: Patch docs for ${{ env.TAG }} release" title: "chore: Patch docs for ${{ env.TAG }} release" diff --git a/.github/workflows/release-pr.yaml b/.github/workflows/release-pr.yaml index 6214cf06a7c..b0c62030c8d 100644 --- a/.github/workflows/release-pr.yaml +++ b/.github/workflows/release-pr.yaml @@ -80,7 +80,7 @@ jobs: run: make version-docs NEWVERSION=v${MAJOR_VERSION}.${MINOR_VERSION}.x TAG=v${TAG} - name: Create release pull request - uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0 + uses: peter-evans/create-pull-request@a4f52f8033a6168103c2538976c07b467e8163bc # v6.0.1 with: commit-message: "chore: Prepare ${{ env.NEWVERSION }} release" title: "chore: Prepare ${{ env.NEWVERSION }} release" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index c2698670cac..7b6998e9d5a 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3 + uses: github/codeql-action/upload-sarif@47b3d888fe66b639e431abf22ebca059152f1eea # v3.24.5 with: sarif_file: results.sarif diff --git a/.github/workflows/workflow.yaml b/.github/workflows/workflow.yaml index e389de6ba7b..f4486a6547c 100644 --- a/.github/workflows/workflow.yaml +++ b/.github/workflows/workflow.yaml @@ -75,7 +75,7 @@ jobs: run: make native-test - name: Codecov Upload - uses: codecov/codecov-action@e0b68c6749509c5f83f984dd99a76a1c1a231044 # v4.0.1 + uses: codecov/codecov-action@54bcd8715eee62d40e33596ef5e8f0f48dbbccab # v4.1.0 with: flags: unittests file: ./cover.out